ZENworks Spin on the News

Novell Cool Solutions: Tip

ZENworks News in the DOH! Department

Have you seen this story in Wired.com? Check it out. It's all about a former VP of M&A at Morgan Stanley who sold his personal BlackBerry on eBay for $15. It wasn't corporate property, but it contained corporate data. He never password protected it. He didn't know how to clean the data off of it. Consequently, the buyer received thousands of contacts, emails regarding financial and legal dealings, and more.

BlackBerry Reveals Bank's Secrets

The eBay ad read "BlackBerry RIM sold AS IS!" So Eugene Sacks (not his real name), a Seattle computer consultant who always wanted one of the pager-size devices to check his e-mail, sent in a bid. For just $15.50, he bought the wireless device with 4 MB of memory.

The BlackBerry didn't come with a cable, synching station, software or a manual. But it did come with something even more valuable: a trove of corporate data.

After popping a battery into the BlackBerry's back panel, Sacks discovered a few things the previous owner wouldn't have wanted him to see -- more than 200 internal company e-mails from financial services firm Morgan Stanley and a database of more than 1,000 names, job titles (from vice presidents to managing directors), e-mail addresses and phone numbers (some of them home numbers) for Morgan Stanley executives worldwide.

Too bad Morgan Stanley didn't know about ZENworks for Handhelds. If they'd been using it, they would have been able to

Require that a password be configured before the device could be used and then

Lock it up when the VP left so that no one could access the data any more.

ZENworks News in the ZEN Saves the Day Department

NEW: An alert reader tipped us off to this article.

Organizations scramble to patch Microsoft flaws

IT staff at the Maryland Department of the Environment immediately began deploying patches to affected servers and user workstations. The department manages about 1,200 machines in total, with Windows on almost 100% of the workstations and many of its servers, according to Hank Torrance, lead networks specialist at the Department.

Unlike their colleagues in the state's Motor Vehicle Administration who had to contend with a massive Blaster outbreak, staff at the Department of Environment successfully applied the earlier Microsoft RPC patch, MS03-026, in July and were spared Blaster's wrath, Torrance said.

The department is using the same approach with the latest vulnerabilities: relying on the built-in Windows Update feature to patch desktops and Novell's ZENworks configuration management tool to push the patch out to affected Windows servers, he said.

Microsoft Patch Process Called into Question

Last Wednesday, Vivek Kundra, director of infrastructure technologies for Arlington County, Va., said his group had problems using the Windows Update server technology to deploy the patches to fight the MSBlaster worm. The county began working to install recommended patches for the Windows RPC vulnerability the previous week, before the recent outbreak began to spread.

Although the county began the process using Microsoft's Windows Update process, it had to abandon the approach because the patches didn't always deploy properly. It is now using a Novell Inc. resource management tool called ZENworks to distribute the patches, according to Kundra. The county is now eyeing the possibility of outsourcing its patch management process to a third party.
READ the full story here.